Security researcher identifies critical vulnerability in Internet Explorer

A zero-day exploit discovered by security researcher Eric Romang in several older versions of Microsoft s web browser Internet Explorer (IE) could be exposing users to criminal computer hackers.

Romang published the discovery on his blog last week, warning readers that .

The exploit, which could affect users who accidentally or intentionally visit a malicious website, potentially allows hackers to gain the same privileges as the authorised user and install or delete programs at will.

The zero-day in question has since been removed by the team behind it, however the vulnerability remains and an exploit module has been released.

Microsoft responded to the news by issuing a Security Advisory on September 17, assuring the public that they are addressing the issue and will take once more information about the exploit has been revealed.

However some experts are advising users to switch to a different web browser in the meantime as a vulnerability management precaution, in order to reduce the risk of being affected.

The German government s Federal Office for Information Security has even gone so far as to encourage its citizens to stop using Internet Explorer until a patch or other such solution has been released.

Microsoft has advised affected IE users to download and install an Enhanced Mitigation Experience Toolkit in order to mitigate vulnerability until a more permanent fix can be identified.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s